View and Manage Policies

The Policy Library provides centralized access to all policies and manages the complete policy lifecycle, including configuration, versioning, publishing, execution, monitoring, and audit tracking.

It serves as the operational control center for governance enforcement.

Navigate to the Policy Library

Go to:

Identity Governance & Administration > Policy > Policy Library

The Policy Library displays the latest version of each policy and provides visibility into its enforcement state, execution history, violation posture, draft availability, and lifecycle actions.

Only the most recent version appears in the list view. If a draft exists, it appears alongside the published version.

Policy List View

Policies are displayed in a tabular format designed for monitoring and lifecycle management.

Columns

• Policy ID
• Policy Name
• Status (Draft, Published – vX, Archived)
• Policy Type
• Trigger Type (Event-driven or Scheduled)
• Owners
• Created By
• Created On
• Published On
• Last Run At
• Last Run Violations
• Active Violations

This view allows administrators to quickly determine:

• Which policies are actively enforcing
• Which policies have open violations
• When a policy last executed
• Whether a draft version exists

Policy States

Policies exist in one of three states.

Draft

Editable and inactive. Draft policies do not execute or generate violations.

Published

Active and evaluated based on configured triggers. Each publish action creates a new version and increments the version number.

Archived

Inactive and non-executable. Historical data, including runs, violations, and versions, remains available for audit purposes.

Only one draft version can exist per policy at a time.

View a Policy

1. Navigate to Identity Governance & Administration > Policy > Policy Library.
2. Select the required policy.

The policy details page opens with left-side navigation:

• Overview
• Violations
• Exemptions
• Policy Runs
• Version History

Overview

The Overview tab displays the active configuration of the policy.

It includes scope definition, rule conditions, remediation configuration, enforcement mode, severity, ownership, and version metadata. For published policies, the page displays the version number, publish date, and publisher information.

This view reflects the currently active configuration.

Violations, Exemptions, and Policy Runs

These tabs provide policy-specific operational views:

• Violations displays all violations generated by the policy.
• Exemptions displays all exemptions applied to the policy.
• Policy Runs displays execution history for the policy.

Detailed behavior for these sections is described in their respective chapters of this guide.

Version History

The Version History tab maintains a complete record of all published versions of a policy. Each publication creates a new version and records its configuration and metadata.

This tab provides traceability, audit visibility, and historical context.

Version List View

Each published version appears as a separate row in the table.

The table displays:

• Version (for example, v1)
• Status (Published)
• Last Published date and time
• Published By
• Created By
• Created At
• State at Publish (Monitor or Enforce)
• Total Runs
• Total Violations

This view shows how the policy evolved and how each version performed operationally.

The table supports refresh, density selection, and horizontal scrolling.

View Version Details

Selecting a version opens a detailed panel containing two sections:

Summary

Displays:

• Published by
• Published at
• Created by
• Created at
• State at publish
• Publish note

The publish note documents the reason for the change.

Configuration

Displays the policy configuration active at the time of publication, including:

• Policy information (name, type, owners, triggers)
• Scope configuration
• Rule definitions
• Remediation settings

This configuration is read-only and reflects the published state of that version.

Create Draft from a Version

A draft can be created from any published version.

1. Navigate to Version History.
2. Select the version.
3. Open the Actions (⋮) menu.
4. Select Create draft from this version.

The system creates a draft using that version’s configuration as the baseline.

Draft creation is restricted if the policy has:

• Active violations
• Active exemptions
• Ongoing policy runs

Blocking conditions must be resolved before draft creation is allowed.

Edit and Publish a Policy

Policies must be in Draft state to be edited.

Edit a Draft

1. Open the policy.
2. Select the edit icon next to:
   • Basics & Trigger
   • Scope
   • Rules
   • Remediation
3. Make the required updates.
4. Navigate to Review & Publish.
5. Enter a publish note.
6. Select Publish.

Publishing creates a new version, replaces the previously published version, and activates execution.

Policy Actions

Operational actions are available from the Actions (⋮) menu on the policy detail page.

Run Evaluation

Manually executes the policy outside its configured trigger schedule.

1. Open the policy.
2. Select Actions > Run Evaluation.

A new entry appears in the Policy Runs tab.

Duplicate

Creates a new draft policy using the existing configuration.

1. Open the policy.
2. Select Actions > Duplicate.

The duplicated policy starts in Draft state and maintains independent version history.

Unpublish

Removes the policy from active enforcement.

1. Open the policy.
2. Select Actions > Unpublish.

The policy returns to Draft state and stops executing. Historical data remains intact.

Archive

Permanently disables policy execution while retaining historical records.

1. Open the policy.
2. Select Actions > Archive.

Archived policies:

• Do not execute
• Cannot be edited
• Retain full run, violation, and version history
• Remain visible for audit purposes